For anyone wondering X2Go " is a Remote Desktop solution, which some vendors vaguely call Remote Control. This is not to be confused with Microsoft Remote Desktop Connection, which is a competing Remote Desktop solution and protocol."

Cinnamon does not work at all for me. Using the Windows X2Go client, I cannot see the mouse pointer at all. Using the PyHoca client, I get the desktop icons, but no panel at the bottom of my screen, lol.

Using Mate, everything works beautifully. I must also add this is a Virtual Box VM that I am connecting to, and Cinnamon works fine when logged in locally at my laptop.

Using the Windows X2Go client, I cannot see the mouse pointer at all. Using the PyHoca client, I get the desktop icons, but no panel at the bottom of my screen, lol.

OH WAIT!!!

You mean on the terminal server side, not the local client side. Okay, totally different. And yes, we had Cinnamon issues with ScreenConnect but not with X2Go. But we don't use Cinnamon but use LXDE just because it is lighter and faster over the NX link.

Yea on the terminal Server side. I'm using the Pyhoca GUI + Mate. It rocks! And to whoever was complaining about the funky seal looking icon, thta is the Pyhoca GUI, and not the regular X2Go Client app.

Any issues with software rendering and Mate? Mate is the one desktop we never test (Gnome 2 and all that.) You find it superior to LXDE? We find default XFCE to be very wasteful on screen real estate.

I was always a big fan of the old Gnome (before Gnome 3 / Unity and all that). Mate runs plenty fast enough for me from off site, over ZT and a home connection that only has 4mbit upload.

I really like the Pyhoca GUI, as it can dynamically resize the screen with only a short lag. I can watch videos on youtube (not in full screen, lol) and sound works too (I think). I also like Mate because it is similar in layout to Cinnamon without the hardware requirements for the fancy effects.

I had the same issue with cinnamon. It would go to fallback mode and then all you had was the application menu and places. I couldn't even log out! But Mate works really well. You get the old Mint Menu design and it works pretty well at least on my LAN. I'm going to test it tomorrow from my parents house over ZeroTier to see how it works over the internet.

I had the same issue with cinnamon. It would go to fallback mode and then all you had was the application menu and places. I couldn't even log out! But Mate works really well. You get the old Mint Menu design and it works pretty well at least on my LAN. I'm going to test it tomorrow from my parents house over ZeroTier to see how it works over the internet.

I had the same issue with cinnamon. It would go to fallback mode and then all you had was the application menu and places. I couldn't even log out! But Mate works really well. You get the old Mint Menu design and it works pretty well at least on my LAN. I'm going to test it tomorrow from my parents house over ZeroTier to see how it works over the internet.

How use ZeroTier? Why not connect directly?

It's on a VM on the server in my house. I'd either have to port forward or just use ZeroTier.

Right. So I'll use my existing ZT Network and not (manually) poke holes in my firewall.

So you are going to expose the whole network to any ransomware / cryptoware risks on your connecting machines? One of the beauties of using a terminal server is providing an air gap to keep the biggest risks from getting through. VPNs are huge risks to networkworks.

@scottalanmiller With something like ZeroTier, the LAN is simply spread over larger distances. In that same retrospect, considering any Remote-Desktop-like tool (RDSH / X2Go, et al) there's always a risk that someone can get infected with bad stuff.

If a user is using X2Go/RDP and connected to my server and they are connected to all their shares, and they get hit with Cryptoware, it doesn't matter that they're on an remote-session, or if they're physically connected to the LAN or by ZT (or VPN), it will still encrypt their files and shares.

@scottalanmiller With something like ZeroTier, the LAN is simply spread over larger distances. In that same retrospect, considering any Remote-Desktop-like tool (RDSH / X2Go, et al) there's always a risk that someone can get infected with bad stuff.

Not really. If I'm connected to an NX server at a client site, they cannot infect me nor can I infect them. We are firewalled from each other except for the graphical protocol. It's dramatically safer than a VPN.

If a user is using X2Go/RDP and connected to my server and they are connected to all their shares, and they get hit with Cryptoware, it doesn't matter that they're on an remote-session, or if they're physically connected to the LAN or by ZT (or VPN), it will still encrypt their files and shares.

Well then don't bypass the security by allowing shares to be added making the channel an more generic VPN again. That's not an exposure that you want.

Any direct LAN, ZT, VPN, etc. connection opens you up to huge exposure.

Not really. If I'm connected to an NX server at a client site, they cannot infect me nor can I infect them. We are firewalled from each other except for the graphical protocol. It's dramatically safer than a VPN.

Right, but an End User can still get themselves infected. (Yes, it's Linux, no, it isn't bullet proof, but you know this already).

Well then don't bypass the security by allowing shares to be added making the channel an more generic VPN again. That's not an exposure that you want.

Any direct LAN, ZT, VPN, etc. connection opens you up to huge exposure.

So I have allowed my end-user to connect to their X2Go / RDP server and say "Here's all your applications" ... but what about their Data?

If their data lives on file shares, then what? They can have their apps but not their data?
Okay. Let's use ownCloud... Their files still get encrypted, and we still have to restore them from backups.

I do not disagree that there is more exposure. But how is this any different than being on a LAN? If my laptop worker is sitting at their desk connected to my LAN, or if they're 500 miles away, connected to my LAN?

[Maybe this would be good to fork off into its own discussion, lol... Title suggestion: VPN vs Port Forwarding ?].

Not really. If I'm connected to an NX server at a client site, they cannot infect me nor can I infect them. We are firewalled from each other except for the graphical protocol. It's dramatically safer than a VPN.

Right, but an End User can still get themselves infected. (Yes, it's Linux, no, it isn't bullet proof, but you know this already).